I have an existing .NET 1.1 application that has trust set to medium in web.config. The app has worked fine for months without LLBLGenPro. When I try to instantiate a TypedList or an Entity, I get a security error:

Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Security error.

Source Error:

Line 92: Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load Line 93: If Not IsPostBack Then Line 94: PageSetup() Line 95: Line 96: 'If Session("OEEntryId") exists then the controls can be populated with data. This situation should only

Source File: c:\inetpub\wwwroot\oef\demographics.aspx.vb Line: 94

Stack Trace:

[SecurityException: Security error.] oef.demographics.PageSetup() +0 oef.demographics.Page_Load(Object sender, EventArgs e) in c:\inetpub\wwwroot\oef\demographics.aspx.vb:94 System.EventHandler.Invoke(Object sender, EventArgs e) +0 System.Web.UI.Control.OnLoad(EventArgs e) +67 System.Web.UI.Control.LoadRecursive() +35 System.Web.UI.Page.ProcessRequestMain() +2106 System.Web.UI.Page.ProcessRequest() +218 System.Web.UI.Page.ProcessRequest(HttpContext context) +18 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute() +179 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87

Version Information: Microsoft .NET Framework Version:1.1.4322.573; ASP.NET Version:1.1.4322.573

If I remove the trust line, I get this error:

Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: Assembly sd.llblgen.pro.dqe.sqlserver.net11.dll security permission grant set is incompatible between appdomains.

Source Error:

Line 196: <add assembly="System.EnterpriseServices, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/> Line 197: <add assembly="System.Web.Mobile, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/> Line 198: <add assembly="*"/> Line 199: </assemblies> Line 200: </compilation>

Source File: c:\windows\microsoft.net\framework\v1.1.4322\Config\machine.config Line: 198

Version Information: Microsoft .NET Framework Version:1.1.4322.573; ASP.NET Version:1.1.4322.573

Has this behavior been observed before? I can use LLBLGenPro in a desktop app with no problems.

If you want to fill an entity with data, it is reading the connection string from the web.config file. I'm not sure if 'medium' permits reading the web.config file or not. If it doesn't, that's the cause of the problem.

Hmmm, I altered HelperClasses/DbUtils.cs and DbUtilsComPlus.cs so that rather than read from the web.config file, they used a string value that I placed in the code in the CreateConnection() function but still get security error as described below unless trust is set to Full or removed completely. I'd really like to not deploy this app as fully trusted unless absolutely necesary. Do you have any other ideas or references I could examine?

What's the exact code in PageSetup() ?

Also, do you reference llblgen assemblies using the GAC? If so, are these assemblies located on a network share?

At this point all code/assemblies are local to my workstation.

Here is contents of PageSetup(). It blows up when tlClientEx is instantiated at anything other than Full trust.

    Dim tlClientEx As OefClientExTypedList


    Try
        tlClientEx = New OefClientExTypedList

        oMast.sConnectionString = ConnStr
        oMast.iId = New SqlInt32(CInt(Session("WorkCode")))
        oMast.SelectOne()

        Dim selectFilter As New PredicateExpression
        selectFilter.Add(OefDataAccess.FactoryClasses.PredicateFactory.CompareValue(OefDataAccess.ClientExceptionClassFieldIndex.ClientID, ComparisonOperator.Equal, oMast.iClientId.Value))
        Dim sorter As ISortExpression = New SortExpression(SortClauseFactory.Create(OefDataAccess.ClientExceptionClassFieldIndex.ClientID, SortOperator.Ascending))
        tlClientEx.Fill(1, sorter, False, selectFilter) 'There should be only one row returned!

        If tlClientEx.Item(0).IsOE_Race_HiddenNull Then
            pnlRace.Visible = False
        Else
            If tlClientEx.Item(0).OE_Race_Hidden = 1 Then
                pnlRace.Visible = False
            Else
                pnlRace.Visible = True
            End If
        End If
    Catch sex As System.Security.SecurityException
        litMsg.Text = sex.Message & "<BR><BR>" & sex.GrantedSet & "<BR><BR>" & sex.RefusedSet & "<BR><BR>" & sex.PermissionState.ToString() & "<BR><BR>" & sex.PermissionType.ToString() & "<BR><BR>" & sex.TargetSite.Name.ToString()
    Catch ex As Exception
        litMsg.Text = ErrorString(ex)
    Finally
        If Not tlClientEx Is Nothing Then
            tlClientEx.Dispose()
        End If

        If Not oMast Is Nothing Then
            oMast.Dispose()
        End If
    End Try

Ok, I'll read up on 'medium trust' levels in web.config and will get back to you.